Remote-controlled machines are vulnerable to attack
February 7, 2019
A white paper published by the company shows that attackers can remotely control or simulate malfunctions in machinery. Radio-controlled cranes and drills from the seven most popular manufacturers are just some of the machines that may be at risk here. Unlike smartphones, industrial equipment is difficult to bring into line with the current security standard, says Trend Micro. This is down to long life spans, high replacement costs, and cumbersome patching processes. The experts identified three broad vulnerability patterns : First, there is often no rolling code that is constantly changed; second, weak or no cryptography is used; and third, a lack of software protection means additional weak points. It is recommended that companies determine their most important resources and systems and make protecting these their top priority. Moreover, when using radio remote controllers, it is vital that the relevant software and firmware is constantly kept up to date and that standardized protocols are implemented.
Retrofit strategies, to retrofit old machines with digital technology, also harbor security risks. Wolfgang Decker from management consulting firm Accenture highlights this in an article on German online portal produktion.de. Each retrofit that connects an industrial machine with the Internet in theory also renders this machine accessible to third parties.